How to turn off rails protect_from_forgery filter only for json How to turn off rails protect_from_forgery filter only for json ruby-on-rails ruby-on-rails

How to turn off rails protect_from_forgery filter only for json


ruby-on-rails ajax json rest protect-from-forgery

You can just skip the authenticity token check if its a json request

class ApplicationController < ActionController::Base  skip_before_filter :verify_authenticity_token, if: :json_request?  def json_request?    request.format.json?  endend

ruby-on-rails ajax json rest protect-from-forgery

Add the code below to your ./app/controllers/application_controller.rb:

protect_from_forgery unless: -> { request.format.json? }

ruby-on-rails ajax json rest protect-from-forgery

Instead of disabling the CSRF check you can pass the authenticity_token field in your forms, eg:

<%= hidden_field_tag :authenticity_token, form_authenticity_token %>

http://apidock.com/rails/v2.0.0/ActionController/RequestForgeryProtection/ClassMethods/protect_from_forgery

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last